sieve cryptographically enforced access control for user
play

Sieve: Cryptographically Enforced Access Control for User Data in - PowerPoint PPT Presentation

Aug 27, 2022 •162 likes •1.12k views

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT CSAIL) , James Mickens (Harvard), Nickolai Zeldovich (MIT CSAIL), Vinod Vaikuntanathan (MIT CSAIL) 1 Motivation Boston Marathon NY Marathon

  1. Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT CSAIL) , James Mickens (Harvard), Nickolai Zeldovich (MIT CSAIL), Vinod Vaikuntanathan (MIT CSAIL) 1

  2. Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2

  3. Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2

  4. Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2

  5. Motivation Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 2

  6. Problem: Curious storage provider or external attacker Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 3

  7. Problem: Curious storage provider or external attacker Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 3

  8. Naïve Approach: Encrypt Data under 1 key Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4

  9. Naïve Approach: Encrypt Data under 1 key Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4

  10. Naïve Approach: Encrypt Data under 1 key Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4

  11. Naïve Approach: Encrypt Data under 1 key How does the user selectively disclose her data? Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4

  12. Another Approach: Encrypt each piece of data individually Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 5

  13. Another Approach: Encrypt each piece of data individually Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 5

  14. Another Approach: Encrypt each piece of data individually Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 5

  15. Another Approach: Encrypt each piece of data individually Boston Marathon type=race type=running NY Marathon FitBit Cloud Server type=fitness Insurance 5

  16. Contributions • Sieve: a new platform that allows users to selectively and securely disclose their data – Sieve protects against server compromise – Sieve hides key management from users – Reasonable performance – Sieve supports revocation – Sieves allows users to recover from device loss – Good for web services that analyze user data 6

  17. Outline • Sieve – Protocol – Optimizations – Revocation – Device Loss • Implementation • Evaluation 7

  18. Sieve Overview 8

  19. Sieve Overview User Storage Provider Web services 8

  20. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon 8

  21. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial 8

  22. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial 8

  23. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8

  24. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8

  25. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Location=US, Year=2012, Year=2012, Type=fitness Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8

  26. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Location=US, Year=2012, Year=2012, Type=fitness Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8

  27. Sieve Overview User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, Location=US, Year=2012, Year=2012, Type=fitness Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8

  28. Threat Model • Storage provider is a passive adversary – Adversary can read all data – Follows protocol • Web services trusted with user data they are given access to • User and her devices trusted 9

  29. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • 10

  30. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey Encrypt Decrypt 10

  31. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 AND type=Fitness) Encrypt Decrypt 10

  32. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) Encrypt Decrypt 10

  33. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) public Encrypt Attributes : Location=US, Year=2012, Type=fitness Decrypt 10

  34. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) public Encrypt Attributes : Location=US, Year=2012, Location=US, Type=fitness Year=2012, Type=fitness Decrypt 10

  35. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) public Encrypt Attributes : Location=US, Year=2012, Location=US, Type=fitness Year=2012, Type=fitness Decrypt Location=US, (Year < 2013 AND Year=2012, Type=Fitness ) Type=fitness 10

  36. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) public Encrypt Attributes : Location=US, Year=2012, Location=US, Type=fitness Year=2012, Type=fitness Decrypt Location=US, (Year < 2013 AND Year=2012, Type=Fitness ) Type=fitness 10

  37. Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair • Three main functions • GenerateDecKey private Policy : (Year < 2013 (Year < 2013 AND AND type=Fitness) Type=Fitness ) public Encrypt Attributes : Location=US, Year=2012, Location=US, Type=fitness Year=2012, Type=fitness Decrypt Location=US, (Year < 2013 AND Year=2012, Type=Fitness ) Type=fitness Note: attributes and policy are in cleartext 10

  38. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon 11

  39. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Year=2012, Encrypt Type=fitness Year=2015, Type=financial 11

  40. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Year=2012, Encrypt Type=fitness Year=2015, Type=financial 11

  41. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Year=2012, Encrypt Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) ABE GenerateDecKey 11

  42. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Year=2012, Encrypt Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) ABE GenerateDecKey 11

  43. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Location=US, Year=2012, Year=2012, Encrypt Type=fitness Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) ABE GenerateDecKey 11

  44. Sieve with ABE User Storage Provider Web services Sieve storage Sieve user client Sieve data import daemon Location=US, ABE Location=US, Year=2012, Year=2012, Encrypt Type=fitness Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) ABE ABE GenerateDecKey Decrypt 11

  45. Challenges with ABE • Performance • Revocation • Device Loss 12

Recommend

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information Security Group Royal Holloway, University of London ESORICS 2011 Traditional Access Control ? SECRET Time-Storage

707 views • 45 slides
Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys

Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys

Preliminaries A bounded asynchronous Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys asynchronous scheme Concluding remarks Jason Crampton Questions Information Security Group Royal

673 views • 43 slides
Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2

Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2

CS 4410 Operating Systems Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2 Access control Confidentiality and integrity are often enforced using access control. Predefined operations are the

649 views • 17 slides
Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel

virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel

virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel delegating naming, authentication to user programs set-user-ID programs: controlled access to priv. functions extremely tricky to write securely

1.3k views • 109 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confiden5ality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ applica5on Hardware/

985 views • 46 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confidentiality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ application

1.31k views • 50 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Computer and Information Security Fall 2019 User Authentication and Access Control Tyler Bletsch

Computer and Information Security Fall 2019 User Authentication and Access Control Tyler Bletsch

ECE590 Computer and Information Security Fall 2019 User Authentication and Access Control Tyler Bletsch Duke University User Authentication Determining if a user is who they say they are before giving them access. 2 The four means of

1.02k views • 70 slides
ECE590 Computer and Information Security Fall 2018 User Authentication and Access Control Tyler

ECE590 Computer and Information Security Fall 2018 User Authentication and Access Control Tyler

ECE590 Computer and Information Security Fall 2018 User Authentication and Access Control Tyler Bletsch Duke University User Authentication Determining if a user is who they say they are before giving them access. 2 The four means of

1.24k views • 66 slides
Computer and Information Security Fall 2020 User Authentication and Access Control Tyler Bletsch

Computer and Information Security Fall 2020 User Authentication and Access Control Tyler Bletsch

ECE560 Computer and Information Security Fall 2020 User Authentication and Access Control Tyler Bletsch Duke University User Authentication Determining if a user is who they say they are before giving them access. 2 The four means of

1.15k views • 70 slides
virtual machines 1 last time access control lists user and group IDs in processes set-user-ID

virtual machines 1 last time access control lists user and group IDs in processes set-user-ID

virtual machines 1 last time access control lists user and group IDs in processes set-user-ID programs briefmy: time-of-check-to-time-of-use errors capabilities: token to address = permission token might allow getting other tokens can pass

1.24k views • 105 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files &amp; processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton ,

Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton ,

Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton , Christos Kozyrakis Stanford University Nickolai Zeldovich Massachusetts Institute of Technology Web Application Overview User: webdb User: httpd

446 views • 22 slides
Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis!

Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis!

Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis! Vaccine!efficacy!versus!par*cular!pathogen!strains! Sieve!effects!and!other!effects! Some!immunological!considera*ons!

383 views • 15 slides
SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
DAC vs. MAC Most people familiar with discretionary access control (DAC) - Example: Unix

DAC vs. MAC Most people familiar with discretionary access control (DAC) - Example: Unix

DAC vs. MAC Most people familiar with discretionary access control (DAC) - Example: Unix user-group-other permission bits - Might set a file private so only group friends can read it Discretionary means anyone with access can propagate

551 views • 14 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 ,

Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 ,

Fine-grained Data Access Control Systems with User Accountability in Cloud Computing Jin Li 1 , Gansen Zhao 2 , and Xiaofeng Chen 3 Chunming Rong 4 , Yong Tang 2 1 Guangzhou University, China South China Normal University 2 3 Xidian University

784 views • 21 slides
D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient access control and authentication checks Insecure access control methods Private, internal functions and data are accessible through a

547 views • 11 slides
Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a simple, modular approach to networked access control with scalability in mind. Easy management from a central location PC from anywhere with an

196 views • 9 slides
Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer Security Announcements intermission Day 10: OS security: access control Multilevel and mandatory access control Stephen McCamant University of

324 views • 10 slides

More recommend